IN THE CLAIMS : 

Please AMEND claims 1-6, 8, 14, and 28 as shown below. 

1 . (Currently Amended) A method fef -of g enerating a subscriber identifier, the 
method comprising: th e st e ps of: 

generating an identifier base string based on encrypting a subscriber identifying 

value; 

generating an integrity check value based on the identifier base string; and 
generating a-the subscriber identifier based on a concatenation of the identifier 
base string and an-the integrity check value. 

2. (Currently Amended) The method according to claim 1, wherein the g enerating 
the identifier base string comprises ! th e st e ps of: 

binary coding of the subscriber identifying value, 
concatenating a random number, and 

performing an encryption algorithm on the concatenated binary coded subscriber 
identifying value and the random number, for generating the identifier base string. 

3. (Currently Amended) The method according to claim 1, wherein in-the 
generating the subscriber identifier generating stop x omprises performing a base 64 
conversion is performed on the concatenated identifier base string and the integrity check 
value. 

4. (Currently Amended) The method according to claim 1, further comprising:-4he 

st e p of 

using a key indicator for indicating a used ciphering key, 



-2- 



ApplicationNo.: 10/615,461 



wherein in-the generating the identifier base string gen e rating st e p, comprises 
concatenating the key indicator is concat e nat e d t o the-a_value obtained by the encryption 
of the subscriber identifying value. 

5. (Currently Amended) The method according to claim 2, further comprisingi-the 

st e p of 

using an identifier type indicator for indicating that the subscriber identifier is a 
particular identifier type, 

wherein in-the generating the identifier base string gen e rating step, comprises 
concatenating t he id e ntity identifier type indicator is concatenated t o the-avalue obtained 
by the encryption of the subscriber identifying value. 

6. (Currently Amended) The method according to claim 2, wherein «-the 
performing the encryption algorithm ste ^comprises providing a defined length is 
provided for the concatenated binary coded subscriber identifying value and the random 
number, wherein most significant bits not used for the binary coded subscriber 
identifying value are set to 1, respectively. 

7. (Original) The method according to claim 1, wherein the integrity check value 
is generated by performing a pseudo random function on the identifier base string using 
an integrity key. 

8. (Currently Amended) The method according to claim 7, further comprising:4fee 

st e p of 

using a key indicator for indicating a used ciphering key and the integrity key used 
for generating the integrity check value, wherein the key indicator is concatenated to a 
value obtained by encryption of the subscriber identifying value. 
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9. (Original) The method according to claim 7, wherein the pseudo random 
function is a keyed hash function. 

10. (Original) The method according to claim 7, wherein a calculated result of 
performing the pseudo random function is truncated to a predetermined amount of bits. 

11. (Original) The method according to claim 1, wherein the subscriber 
identifying value is an International Mobile Subscriber Identity. 

12. (Withdrawn) A method for validating a subscriber identifier, wherein the 
subscriber identifier comprises a format including at least integrity check values, the 
method comprising the steps of: 

detecting an integrity check value of a received subscriber identifier, 
performing an integrity check based on the integrity check value and the 

subscriber identifier, and 

rejecting the subscriber identifier in case the integrity check reveals that the 

subscriber identifier is not valid. 

13. (Withdrawn) The method according to claim 12, further comprising the step 

of 

decrypting the subscriber identifier in case the integrity check is successful. 

14. (Currently Amended) A network control node for generating a subscriber 
identifier, the network node comprising: 

means for generating an identifier base string based on encrypting a subscriber 
identifying value; 

means for generating an integrity check value based on the identifier base string; 

and 
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means for generating a-the subscriber identifier based on a concatenation of the 
identifier base string and the integrity check value. 

15. (Original) The network control node according to claim 14, wherein the 
identifier base string generating means comprises: 

means for binary coding of the subscriber identifying value; 

means for concatenating a random number to the binary coded subscriber 
identifying value; and 

means for performing an encryption algorithm on the concatenated binary coded 
subscriber identifying value and random number, for generating the identifier base string. 

16. (Original) The network control node according to claim 14, wherein the 
subscriber identifier generating means is adapted to perform a base 64 conversion on the 
concatenated identifier base string and the integrity check value. 

17. (Original) The network control node according to claim 14, wherein the 
subscriber identifier generating means is adapted to concatenate a key indicator, for 
indicating a used ciphering key, to a value obtained by the encryption of the subscriber 
identifying value. 

18. (Original) The network control node according to claim 14, wherein the 
subscriber identifier generating means is adapted to concatenate an identifier type 
indicator, for indicating that the subscriber identifier is a particular identifier type, to a 
value obtained by the encryption of the subscriber identifying value. 

19. (Original) The network control node according to claim 15, wherein a defined 
length is provided for the concatenated binary coded subscriber identifying value and the 
random number and wherein the encryption algorithm performing means is adapted to set 
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a value of one for the most significant bits not used for the binary coded subscriber 
identifying value. 

20. (Original) The network control node according to claim 14, wherein the 
integrity check value generating means is adapted to perform a pseudo random function 
on the identifier base string using an integrity key. 

21. (Original) The network control node according to claim 14, wherein the 
subscriber identifier generating means is adapted to concatenate a key indicator for 
indicating a used ciphering key and an integrity key used for generating the integrity 
check value to a value obtained by the encryption of the subscriber identifying value. 

22. (Original) The network control node according to claim 20, wherein the 
pseudo random function is a keyed hash function. 

23. (Original) The network control node according to claim 20, wherein the 
integrity check value generating means is adapted to truncate a calculated result of the 
pseudo random function to a predetermined amount of bits. 

24. (Original) The network control node according to claim 14, wherein the 
subscriber identifying value is an International Mobile Subscriber Identity. 

25. (Withdrawn) A network control node for validating a subscriber identifier, 
wherein the subscriber identifier comprises a format including at least integrity check 
values, the network control node comprising: 

means for detecting an integrity check value of a received subscriber identifier: 
means for performing an integrity check based on the integrity check value and the 
subscriber identifier; and 
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means for rejecting the subscriber identifier in case the integrity check reveals that 
the subscriber identifier is not valid. 



26. (Withdrawn) The network control node according to claim 25 , further 
comprising means for decrypting the subscriber identifier in case the integrity check is 
successful. 

27. (Withdrawn) The network control node according to claim 25 , wherein the 
network control node comprises an AAA (Authentication, Authorization, and 
Accounting) server. 

28. (Currently Amended) A computer program product stored on a tangible 
medium, the product comprising software code, when executed by one or more 
processors, performs th e st e ps of : 




generating an identifier base string based on encrypting a subscriber identifying 

value; 

generating an integrity check value based on the identifier base string; and 
generating a subscriber identifier based on a concatenation of the identifier base 
string and an integrity check value. 

29. (Original) The computer program product according to claim 28, wherein the 
computer program product comprises distributed components stored in more than one 
location of a network. 

30. (Original) The computer program product according to claim 28, wherein said 
computer program product is directly loadable into the internal memory of a computer. 
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3 1 . (Original) The computer program product according to claim 28, wherein the 
computer program product comprises a computer-readable medium on which said 
software code is stored. 
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